Staff Security Engineer @ Instacart - San Francisco, CA

Staff Security Engineer


OVERVIEW
We're looking for experienced Security Engineers to join our fast moving team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to determining the best route for deliveries and predicting store inventory levels.
Our goal is to run the world's most trusted and secure grocery delivery platform. We work across all layers of our infrastructure to ensure we deploy trustworthy systems and protect our customers', shoppers', and partners' data.
As one of the early members of the Security Team, you will have a tremendous impact on Instacart's security posture and engineering culture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, develop cross-functional technical and soft skills. Our platform is complex, rapidly scaling and processing millions of transactions in real-time, all of the time.

ABOUT THE JOB


  • Delivering and executing a compelling security strategy spanning across multiple product teams and acquisitions

  • Evaluate, prototype, implement, and support security-focused tools and services

  • Partner with senior leaders across Instacart to help deliver company-wide security initiatives

  • Oversee the analysis of business requirements and the interpretation into security deliverables

  • Maintain strong knowledge of current security threats, mitigations and operational best practices

  • Lead cross-functional projects and establishing cutting-edge security development lifecycle practices

  • Develop new secure security protocols, frameworks and reference architecture spanning multiple layers

  • Provide consultation in security architecture design/review of new products and services

  • Establish credibility as a trusted advisor to stakeholders including partners, executives, and peers


ABOUT YOU

  • 8+ years of technical security leadership at top-tier cloud-native companies

  • 8+ years of experience with cryptography, security products, threat modeling, security design, infrastructure security, security architecture, PKI, and broader security technologies

  • 8+ years of relevant Security Engineering experience within a technology organization, including software development, cloud computing and mobile applications

  • Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption

  • Experience defining security policy, technology requirements, and security best-practices

  • Solid understanding of common application and infrastructure security vulnerabilities and mitigations

  • Experience implementing SDLC process, technology, and automation in a DevOps environment

  • Superior communication skills - ability to serve as a security advocate and evangelist

  • Demonstrated technical foundation (Computer Science / Engineering degree or equivalent) with a business-savvy mindset and an innate ability to translate technical vulnerabilities into comprehensive organizational risks for senior leadership

  • Strong ties with the broader security community to attract and hire great talent

  • Bonus Points – Active contributor to the security community (Security research, CVEs, bug-bounty recognitions, open-source, blogs, publications…)